Did you do any ssh hardening on the Hypervisors ?

Best Regards,
Strahil Nikolov

On Thu, Mar 18, 2021 at 16:17, penguin pages
<jeremey.wise@gmail.com> wrote:

Fresh install CentOS8 Streams.  Gluster wizard runs and deploys.  Engine installs on node.

I copy over /etc/hosts  for primary site resources to ovirt engine so it can find primary cluster nodes without DNS being booted / up at that time.

I check ovirt engine can ssh to the three nodes... so as root I generate SSH key and do ssh-copy-id  to all three nodes.

So as much as I can validate communication is working..  i have.

When I "add host" -> use FDN -> input root password

But it shows up in GUI host list with "install fails"


Only message is :
[root@ovirt01 ~]# cat /var/log/ovirt-engine/ansible-runner-service.log
2021-03-18 09:44:15,998 - runner_service.controllers.hosts - DEBUG - Adding host odin.penguinpages.local to group ovirt
2021-03-18 09:44:16,344 - runner_service.services.hosts - ERROR - SSH - NOCONN:SSH error - 'odin.penguinpages.local' not found; check DNS or /etc/hosts
2021-03-18 10:07:15,970 - root - INFO - Analysing local configuration options from /etc/ansible-runner-service/config.yaml
2021-03-18 10:07:15,975 - root - INFO - - setting playbooks_root_dir to /usr/share/ovirt-engine/ansible-runner-service-project
2021-03-18 10:07:15,975 - root - INFO - - setting ssh_private_key to /etc/pki/ovirt-engine/keys/engine_id_rsa
2021-03-18 10:07:15,975 - root - INFO - - setting port to 50001
2021-03-18 10:07:15,975 - root - INFO - - setting target_user to root
2021-03-18 10:07:15,975 - root - INFO - - setting log_path to /var/log/ovirt-engine
2021-03-18 10:07:15,975 - root - INFO - Analysing runtime overrides from environment variables
2021-03-18 10:07:15,975 - root - INFO - No configuration settings overridden
2021-03-18 10:07:15,995 - root - INFO - Loaded logging configuration from /etc/ansible-runner-service/logging.yaml
2021-03-18 10:07:16,004 - runner_service.controllers.hosts - DEBUG - Request received, content-type :None
2021-03-18 10:07:16,005 - runner_service.controllers.hosts - INFO - 127.0.0.1 - GET /api/v1/hosts/thor.penguinpages.local
2021-03-18 10:07:16,013 - runner_service.controllers.hosts - DEBUG - Request received, content-type :application/json; charset=UTF-8
2021-03-18 10:07:16,013 - runner_service.controllers.hosts - INFO - 127.0.0.1 - POST /api/v1/hosts/thor.penguinpages.local/groups/ovirt
2021-03-18 10:07:16,013 - runner_service.controllers.hosts - DEBUG - additional args received
2021-03-18 10:07:16,014 - runner_service.controllers.hosts - DEBUG - Adding host thor.penguinpages.local to group ovirt
2021-03-18 10:07:16,339 - runner_service.services.hosts - ERROR - SSH - NOCONN:SSH error - 'thor.penguinpages.local' not found; check DNS or /etc/hosts
2021-03-18 10:07:38,333 - runner_service.controllers.hosts - DEBUG - Request received, content-type :None
2021-03-18 10:07:38,334 - runner_service.controllers.hosts - INFO - 127.0.0.1 - GET /api/v1/hosts/thor.penguinpages.local
2021-03-18 10:07:38,339 - runner_service.controllers.hosts - DEBUG - Request received, content-type :application/json; charset=UTF-8
2021-03-18 10:07:38,339 - runner_service.controllers.hosts - INFO - 127.0.0.1 - POST /api/v1/hosts/thor.penguinpages.local/groups/ovirt
2021-03-18 10:07:38,339 - runner_service.controllers.hosts - DEBUG - additional args received
2021-03-18 10:07:38,340 - runner_service.controllers.hosts - DEBUG - Adding host thor.penguinpages.local to group ovirt
2021-03-18 10:07:38,713 - runner_service.services.hosts - ERROR - SSH - NOCONN:SSH error - 'thor.penguinpages.local' not found; check DNS or /etc/hosts


But ssh is fine to all hosts works fine.
[root@ovirt01 ~]# ssh thor.penguinpages.local
Web console: https://thor.penguinpages.local:9090/ or https://172.16.100.101:9090/

Last login: Wed Mar 17 11:27:34 2021 from 172.16.101.103
[root@thor ~]# exit
logout
Connection to thor.penguinpages.local closed.
[root@ovirt01 ~]# ssh medusa.penguinpages.local
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Thu Mar 18 10:06:40 2021 from 172.16.100.186
[root@medusa ~]# exit
logout
Connection to medusa.penguinpages.local closed.
[root@ovirt01 ~]# ssh odin.penguinpages.local
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Wed Mar 17 16:02:46 2021 from 172.16.100.186
[root@odin ~]# exit
logout
Connection to odin.penguinpages.local closed.
[root@ovirt01 ~]#


_______________________________________________
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-leave@ovirt.org
Privacy Statement: https://www.ovirt.org/privacy-policy.html
oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/
List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/22L6ZLIB6ARWKOGOAQ2YLZ3OA6EGJJN6/